Threats to the Software Development Security Domain

Explain the difference between a virus and a worm. Describe what a Trojan Horse and a Logic Bomb are.

Software Development Security Countermeasures

What is Change Management and how is it used to control security breaches? What is Configuration Management and how is it used to control security breaches? What is Patch Management and how is it used to control security breaches?

Security Operations Practices

Describe the administrative management practices of separation of duties, job rotation, and mandatory vacations and their role within operations security.

Operations Security Attacks and Countermeasures

Describe the different methods of RAID. What is RAIT?

1. BCP and DRP are getting more attention in organizations today because the risks are better understood, business partnership constructs require them, and regulatory and legal requirements pertaining to this type of protection are increasing. Provide examples of organizations that have been subject to these BC/DR requirements because of the nature of their business. You may use fictitious examples to support your arguments.

2. Unfortunately, many companies have to experience the pain of a disaster to understand how they could have circumvented or mitigated the events that caused the pain. Provide a short Disaster Recovery Plan (DRP) to protect a small company’s IT operation. Make a list of procedures to complete in preparation for the DRP. You may use fictitious examples to support your arguments.

3. To develop and carry out business continuity efforts successfully, plenty of thought, planning, time, and effort must go into the different phases of this activity. The real threats must be identified and understood, reasonable countermeasures must be put into place, and detailed plans must be outlined for the unfortunate but anticipated day when they are needed. As part of the DRP, make a list of procedures to complete a successful DR plan. You may use fictitious examples to support your arguments if needed.

1. Although functionality is the first concern when developing software, adding security into the mix before the project starts and then integrating it into every step of the development process would be highly beneficial. Although many companies do not view this as the most beneficial approach to software development, they are becoming convinced of it over time as more security patches and fixes must be developed and released, and as their customers continually demand more secure products. Explain the best security software development lifecycle (SDLC) methodology.

2. Software development is a complex task, especially as technology ages at the speed of light, environments evolve, and more expectations are placed upon vendors who wish to be the “king of the mountain” within the software market. This complexity also makes implementing effective security more challenging. For years, programmers and developers did not need to consider security issues within their code, but this trend is changing. Education, experience, awareness, enforcement, and the demands of the consumers are all necessary pieces to bring more secure practices and technologies to the program code we all use. Given this environment, what suggestions do you have to keep our SDLC secure and mature?

3. Explain the best security practices in patch management and configuration management to avoid software security issues.
